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DETAILED ACTION 

This Office Action is in response to the communication filed on 02/03/2009. 
Claims 3-5, 1,9, 11, and 22-30 have been cancelled. 

Claims 1-2, 6, 8, 10, and 12-16 have been amended. 

Claims 1-2, 6, 8, 10, and 12-21 have been examined and are pending. 

Response to Amendment 

The applicant's amendment filed 02/03/2009 necessitated the new ground(s) of rejection 
presented in this Office action. Therefore, applicant's arguments with respect to claims 1-2, 6, 8, 
10, and 12-21 have been considered but are moot in view of the new ground(s) of rejection. 

Specification 

The specification is objected to as failing to provide proper antecedent basis for the 
claimed subject matter. See 37 CFR 1.75(d)(1) and MPEP § 608.01(o). Correction of the 
following is required: 

There is no antecedent basis for "a computer-readable storage medium'''' for claims 1, 8, 

and 16. 

Claim Objections 

Claims 1, 10, 14, and 20 are objected to because of the following informalities: 
Appropriate correction is required. 
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(Claim 1, line 6): "the session" should be replaced by "the secure session" to avoid 
antecedent basis. 

(Claim 10, line 4): "the security warning messages" should be replaced by "security 
warning messages" to avoid antecedent basis. 

(Claim 14, line 3): "the denial" should be replaced by "a denial" to avoid antecedent 

basis. 

(Claim 20, line 3): "reports the denial" should be replaced by "reports a denial" to avoid 
antecedent basis. 



Claim Rejections - 35 USC § 112 
Claims 1-2 and 6 are rejected under 35 U.S.C. 112, first paragraph, as failing to 
comply with the written description requirement. The claim(s) contains subject matter which 
was not described in the specification in such a way as to reasonably convey to one skilled in the 
relevant art that the inventor(s), at the time the application was filed, had possession of the 
claimed invention. 

Claim 1 recites the limitation "the access attempts are directed to resources of the 
external site " in lines 8-10 (emphasis added). However, the aforementioned limitation was not 
described in the specification. As a result, the specification fails to convey to one skilled in the 
art at the time the application was filed, that the inventor(s) had possession of the claimed 
invention. 
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Claims 2 and 6 are dependent on claim 1, and therefore inherit the 35 U.S.C 1 12, first 
paragraph as failing to comply with the written description requirement of the independent 
claims. 

The Examiner kindly requests the Applicant clearly points out with specificity (i.e. 
column and line) in the specification where it describes/supports the aforementioned limitation. 



The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

Claims 1 and 8 are rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

Claims 1 and 8 recite in the preamble "A method to manage secure communications 
implemented in a computer-readable storage medium and to execute on a proxy for performing 
the method ". It is unclear how a method to execute on a proxy for performing the method 
itself. 

Claim 8 recites the limitation "scanned on behalf of the external client within the; " in 
lines 11-12. It is unclear the meaning of the aforementioned phrase. 

Claim 8 recites in the limitation, "making a determination in response to the inspection 
for permitting some of the insecure transactions to proceed unmodified by performing the 
actions . . ., permitting some of the insecure transactions to proceed in a modified fashion in a 
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modified fashion, and denying some of the insecure transactions . . .by denying the actions 
requested, and wherein some of the insecure transactions that are denied . . . , and wherein these 
references are entirely removed ... the external client." (emphasis added). It is unclear that one 
action, two actions, any action combination or all actions will be performed based upon on the 
inspection. 

Claims 2, 6 and 10, 12-15 are rejected due to a dependency of claim 1 and 8 
respectively. 

The Examiner kindly requests the Applicant clearly points out with specificity (i.e. 
column and line) in the specification where it describes/supports the aforementioned limitation. 

Claim Rejections - 35 USC §103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 1-2, 6, 8, 13, and 16-17 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Subramaniam et al. (US Patent: 6,081,900) in view of Barton et al. (US 2003/0131259 
Al) further in view of Bazot et al. (US 2004/0073629 Al). 



As per claim 1: 
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Subbramanian a method to manage secure communications implemented in a 
computer-readable storage medium and to execute on a proxy for performing the method, 
comprising: 

(a) establishing a secure session on a secure site with an external client that 
communicates from an insecure site [Subramaniam : Col. 3 lines 35-50; Col. 3, line 66 to Col. 
4 line 17];; 

(b) detecting access attempts during the session directed to insecure transactions, the 
insecure transactions identified as links to a site [Subramaniam : Col. 6, lines 40-60; By 
checking the IP address which the request was made, the target server 104 determines that 
the request came from outside the security parameter 102. The target server 104 check 
user permission against access control list associated with the data"; fig. 1, Border server 
106 includes URL transformer 108 and cache(s) 110; fig. 3; Border server 106; Col. 9, lines 
32-43; "The possibly repeated acts within the transmitting step 128 involve sending one or 
more Web pages, files, or other pieces of non-secure data 130 from the target server 104 to 
the border server 106. The data 130 is non-secure in that it includes hypertext links, URLs, 
or other references which, if presented by the external client 112 to the secure network 100, 
....which contain URLs specifying "http://" rather than "https://" in reference to data 
stored on the target server 104 are examples of non-secure data 130"; Col. 10, lines 10-19] 
[[ (external site) to, not controlled by, and not recognized by the secure site, and wherein the 
access attempts are directed to resources of the external site]] ; and 

(c) transparently managing the access attempts by pre-acquiring content from the site by 
accessing the links on behalf of the external client to pre-acquire the content and by scanning and 
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inspecting the content within the secure site before determining whether the content should be 
made available to the external client during the secure session [Subramaniam : Col. 6, lines 40- 
60; The target server 104 check user permission against access control list associated with 
the data, or take other steps to make sure the requesting user is entitled to access the 
request data before providing data"; fig. 1, Border server 106 includes URL transformer 
108 and cache(s) 110; fig. 3; Border server 106; Col. 9, lines 32-43; "The possibly repeated 
acts within the transmitting step 128 involve sending one or more Web pages, files, or other 
pieces of non-secure data 130 from the target server 104 to the border server 106. The data 
130 is non-secure in that it includes hypertext links, URLs, or other references which, if 
presented by the external client 112 to the secure network 100, ....which contain URLs 
specifying "http://" rather than "https://" in reference to data stored on the target server 
104 are examples of non-secure data 130"; Col. 10, lines 10-19; Col. 5; lines 25-27; "The 
secure network 100 includes one or more file or object or Web servers such as target server 
104"; figs. 1, 3; The target server 104 is in the secure network 100; Col. 10, lines 59-66; 
"The target server 104 can then transform any non-secure data 130 to the border server 
106 for subsequent transmission to the external client 112."] [[and wherein at least one 
access attempt associated with at least one piece of the content that is scanned identifies a true 
insecure reference by determining that the true insecure reference is part of a pre-defined list of 
unacceptable references that are not recognized by the secure site, and wherein the true insecure 
reference is entirely removed from the content before the content is supplied to the external 
client.]]; 

Subramaniam does not explicit disclose wherein the border server is external from the 
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secure site, wherein at least one access attempt associated with at least one piece of the content 
that is scanned identifies a true insecure reference by determining that the true insecure reference 
is part of a pre-defined list of unacceptable references that are not recognized by the secure site, 
and wherein the true insecure reference is entirely removed from the content before the content is 
supplied to the external client. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to move the border server to an site external from the secure location, since it has 
been held that it requires routine skill in the art to rearrange the location of the border server 
because it would not have modified the operation of the device [See MPEP 2144.04; see also 
In reJapikse, 181 F.2d 1019, 86 USPQ 70 (CCPA 1950)]. 

Barton discloses transferring data via a secure network connection, wherein at least one 
access attempt associated with at least one piece of the content that is scanned identifies a true 
insecure reference by determining that the true insecure reference is part of a pre-defined list 
of unacceptable references that are not recognized by the secure site [Barton: par. [0012]; 
scanning code operable to scan said data at said proxy computer for illegal content; See 
also par. [0014], [0018]; par. [0033]; if illegal content is found, the this trigger an 
appropriate action such as sending of a warning webpage to a client ...The secure 
connection would also be terminated; fig. 4, par. [0039]]; 

Therefore, it would have been obvious to one person of ordinary skill in the art at the 
time the invention was made to combine the method of Barton with the teaching of 
Subramaniam, wherein at least one access attempt associated with at least one piece of the 
content that is scanned identifies a true insecure reference by determining that the true insecure 
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reference is part of a pre-defined list of unacceptable references that are not recognized by the 
secure site to ensure that a transferring data does not contain any illegal content by scanning for 
illegal content before data is delivered to a client [Barton: par. [0014]]. 

Subramaniam and Barton do not explicitly disclose wherein the true insecure reference is 
entirely removed from the content before the content is supplied to the external client. 

However, Bazot discloses method of accessing Internet resources through a proxy with 
improved security, wherein the true insecure reference is entirely removed from the content 
before the content is supplied to the external client [Bazot: abstract; fig. 2; par. [0010]; 
transmitting a response to a user after cookie(s) has (have) been removed from the response; See 
also par. [0019-0020]]. 

Therefore, it would have been obvious to one person of ordinary skill in the art at the 
time the invention was made to combine the method of Bazot with the teaching of Subramaniam 
and Barton, wherein the true insecure reference is entirely removed from the content before the 
content is supplied to the external client to provide users with a means for accessing Internet 
resource through a proxy with improved security by preventing cookies from being downloaded 
and potentially analyzed by a user o a hacker taking a place of the user [Bazot: par. [0002], 
[0009]]. 

As per claim 2: 

The combination of Subramaniam, Barton, and Bazot teach the subject matter as described 
above. 

Subbramaniam further teaches the method of claim 1 wherein the detecting further 
includes translating any non-secure links into secure links for some of the insecure transactions 



Application/Control Number: 1 0/752,385 Page 1 0 

Art Unit: 2439 

before presenting results of the access attempts to the external client [Subramaniam: Col. 3, 
lines 66-67; Col. 4, lines 1-8; Transforming non-secure URLs (i.e. HTTP) into secure URLs 
(i.e. HTTPs)]. 

As per claim 6: 

The combination of Subramaniam, Barton, and Bazot teach the subject matter as described 
above. 

Subramaniam further teaches the method of claim 1 wherein managing includes at least 
one or more of: 

issuing alerts [Subramaniam: Col. 11, lines 61-67], notifications [Subramaniam: Col. 

8, lines 40-57] , or advisories to a monitoring entity or log. 



As per claim 8: 

Subramaniam a method to manage secure communications implemented in a 
computer-readable storage medium and to execute on a proxy for performing the method, 
comprising: 

(a) detecting insecure transactions occurring during a secure session, wherein the insecure 
transactions result from actions requested by an external client participating in the secure session 
[Subramaniam: Col. 6, lines 40-60; By checking the IP address which the request was 
made, the target server 104 determines that the request came from outside the security 
parameter 102]; 
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(b) inspecting the insecure transactions in advance of satisfying the actions requested by 
pre-acquiring content associated with the insecure transactions before making available to the 
external client, and wherein the insecure transactions are associated with links to an external site 
[[located outside a secure site associated with the secure session]], and wherein content are pre- 
acquired from the external site via the links and inspected and scanned on behalf of the external 
client within the [Subramaniam : Col. 6, lines 46-60; A target server check user permissions 
against access control lists; fig. 1, Border server 106 includes URL transformer 108 and 
cache(s) 110; fig. 3; Border server 106; Col. 9, lines 32-43; "The possibly repeated acts 
within the transmitting step 128 involve sending one or more Web pages, files, or other 
pieces of non-secure data 130 from the target server 104 to the border server 106. The data 
130 is non-secure in that it includes hypertext links, URLs, or other references which, if 
presented by the external client 112 to the secure network 100, ....which contain URLs 
specifying "http://" rather than "https://" in reference to data stored on the target server 
104 are examples of non-secure data 130"; Col. 10, lines 10-19]; and 

(c) making a determination in response to the inspection for permitting some of the 
insecure transactions to proceed unmodified by performing the actions requested for the external 
client, permitting some of the insecure transactions to proceed in a modified fashion 
[Subramaniam : Col. 3, lines 66-67; Col. 4, lines 1-8; Transforming non-secure URLs (i.e. 
HTTP) into secure URLs (i.e. HTTPs)] [[and denying some of the insecure transactions by 
denying the actions requested, and wherein some of the insecure transactions that are denied are 
identified as references to a pre-defined list of unacceptable references that are not recognized 
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by the secure site, and wherein these references are entirely removed from the content before the 

content is supplied to the external client]]. 

Subramaniam does not explicitly teach wherein the border server is external from the 
secure site, denying some of the insecure transactions by denying the actions requested, wherein 
some of the insecure transactions that are denied are identified as references to a pre-defined list 
of unacceptable references that are not recognized by the secure site, and wherein these 
references are entirely removed from the content before the content is supplied to the external 
client. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to move the border server to an site external from the secure location, since it has 
been held that it requires routine skill in the art to rearrange the location of the border server 
because it would not have modified the operation of the device [See MPEP 2144.04; see also 
In reJapikse, 181 F.2d 1019, 86 USPQ 70 (CCPA 1950)]. 

Barton discloses transferring data via a secure network connection, wherein denying 
some of the insecure transactions by denying the actions requested, wherein some of the insecure 
transactions that are denied are identified as references to a pre-defined list of unacceptable 
references that are not recognized by the secure site, [Barton: par. [0012]; scanning code 
operable to scan said data at said proxy computer for illegal content; See also par. [0014], 
[0018]; par. [0033]; if illegal content is found, the this trigger an appropriate action such as 
sending of a warning webpage to a client ...The secure connection would also be 
terminated; fig. 4, par. [0039]]. 
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Therefore, it would have been obvious to one person of ordinary skill in the art at the 
time the invention was made to combine the method of Barton with the teaching of 
Subramaniam, wherein denying some of the insecure transactions by denying the actions 
requested, wherein some of the insecure transactions that are denied are identified as references 
to a pre-defined list of unacceptable references that are not recognized by the secure site to 
ensure that a transferring data does not contain any illegal content by scanning for illegal content 
before data is delivered to a client [Barton: par. [0014]]. 

Subramaniam and Barton do not explicitly disclose wherein the true insecure reference is 
entirely removed from the content before the content is supplied to the external client. 

However, Bazot discloses method of accessing Internet resources through a proxy with 
improved security, wherein the true insecure reference is entirely removed from the content 
before the content is supplied to the external client [Bazot: abstract; fig. 2; par. [0010]; 
transmitting a response to a user after cookie(s) has (have) been removed from the response; See 
also par. [0019-0020]]. 

Therefore, it would have been obvious to one person of ordinary skill in the art at the 
time the invention was made to combine the method of Bazot with the teaching of Subramaniam 
and Barton, wherein the true insecure reference is entirely removed from the content before the 
content is supplied to the external client to provide users with a means for accessing Internet 
resource through a proxy with improved security by preventing cookies from being downloaded 
and potentially analyzed by a user or a hacker taking a place of the user [Bazot: par. [0002], 
[0009]]. 
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As per claim 13: 

Subramaniam further discloses the method of claim 8 wherein the making a 
determination further includes permitting some of the insecure transactions to proceed in a 
modified fashion by transparently processing the external client access attempt within a proxy 
making the external client access attempt appear to be part of the secure session [Col. 3, lines 
66-67; Col. 4, lines 1-8; Transforming non-secure URLs (i.e. HTTP) into secure URLs (i.e. 
HTTPs)]. 

As per claim 16: 

This claim has limitations that are similar to those of claims 1 and 8, thus it is rejected 
with the same rationale applied against claims 1 and 8 above. 

As per claim 17: 

Subramaniam further discloses the secure communications management system of claim 
16 wherein the secure communications manager translates Hypertext Transfer Protocol (HTTP) 
insecure communications into HTTP over Secure Sockets Layer (HTTPS) secure 
communications during the secure session [Subramaniam : Col. 3, lines 66-67; Col. 4, lines 1- 
8; Transforming non-secure URLs (i.e. HTTP) into secure e URLs (i.e. HTTPs)]. 

Claims 10, 12, 14-15, and 18-21 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Subramaniam et al. (US Patent: 6,081,900) in view of Barton et al. (US 2003/0131259 Al) 
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further in view of Bazot et al. (US 2004/0073629 Al), and further in view of "Netscape Proxy 
Server Administrator's Guide Version 3.5 for Unix", 1997, as provided by applicant herein after 
Netscape_unix_v3.5. 



As per claim 10: 

The combination of Subramaniam, Barton, and Bazot teach the subject matter as 
described above. 

Subramaniam further discloses a method permitting the insecure transactions to proceed 
in the modified fashion by changing the reference links from Hypertext Transfer Protocol 
(HTTP) insecure links to HTTP over Secure Sockets Layer (HTTPS) [Subramaniam : Col. 3, 
lines 66-67; Col. 4, lines 1-8; Transforming non-secure URLs (i.e. HTTP) into secure URLs 
(i.e. HTTPs)]. 

Subramaniam, Barton, and Bazot do not disclose to suppress the security warning 
messages. 

However, Netscape_unix_v3.5 discloses to suppress the security warning messages 
[Netscape_unix_v3.5 : Chapter 10, pages 1-3; A proxy server can be configured a custom 
message, which sends to an external client. A customized text message can be an empty 
text]. 

Thus, it would have been obvious to one person of ordinary skill in the art at the time the 
invention was made to combine the method of Subramaniam, Barton, and Bazot by including the 
teaching of Netscape_unix_v3.5 because it would improve warning techniques for managing 



Application/Control Number: 1 0/752,385 Page 1 6 

Art Unit: 2439 

secure warning communications by triggering appropriate action such as sending of a warning 
webpage to client or an issue of an alert message to a network administrator [Barton: par. 
[0033]]. 

As per claim 12: 

The combination of Subramaniam, Barton, and Bazot teach the subject matter as 
described above. 

Subramaniam discloses a method permitting insecure transactions to proceed unmodified 
[Subramaniam: Col. 2, lines 36-41]. 

Subramaniam, Barton, and Bazot do not explicitly disclose permitting normally occurring 
security warnings to be presented to the client before satisfying the external client access attempt 
to reference the external site. 

However, Netscape_unix_v3.5 discloses permitting normally occurring security warnings 
to be presented to external the client before satisfying the external client access attempt to 
reference the external site [Netscape_unix_v3.5 : Chapter 10, pages 1-3; Chapter 13, page 1; 
A proxy server can be configured a custom message, which sends to an external client. A 
customized text message can be security warning messages]. 

Thus, it would have been obvious to one person of ordinary skill in the art at the time the 
invention was made to combine the method of Subramaniam, Barton, and Bazot by including the 
teaching of Netscape_unix_v3.5 because it would improve warning techniques for managing 
secure warning communications by triggering appropriate action such as sending of a warning 
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webpage to client or an issue of an alert message to a network administrator [Barton: par. 
[0033]]. 



As per claim 14: 

The combination of Subramaniam, Barton, and Bazot teach the subject matter as 
described above. 

Subramaniam, Barton, and Bazot do not explicitly disclose method, wherein the making a 
determination further includes denying the insecure transactions after determining that the 
external client access attempt is corrupted and notifying the external client of the denial. 

However, Netscape_unix_v3.5 discloses a method wherein the making a determination 
further includes denying the insecure transactions after determining that the external client access 
attempt is corrupted and notifying the external client of the denial [Netscape_unix_v3.5 : 
Chapter 13, page 1; A proxy will issue a fatal error (i.e. catastrophe) if an outside agent 
causes cache files to become corrupt]. 

Thus, it would have been obvious to one person of ordinary skill in the art at the time the 
invention was made to combine the method of Subramaniam, Barton, and Bazot by including the 
teaching of Netscape_unix_v3.5 because it would improve warning techniques for managing 
secure warning communications by triggering appropriate action such as sending of a warning 
webpage to client or an issue of an alert message to a network administrator [Barton: par. 
[0033]]. 
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As per claim 15: 

The combination of Subramaniam, Barton, and Bazot teach the subject matter as 
described above. 

Subramaniam, Barton, and Bazot do not explicitly disclose the method of claim 8 
wherein the making a determination further includes denying the some of the insecure 
transactions after determining that the external client access attempt is corrupted and logging 
information about the external client access attempt. 

However, Netscape_unix_v3.5 discloses a method wherein the making a determination 
further includes denying the insecure transactions after determining that the external client access 
attempt is corrupted and logging information about the external client access attempt 
[Netscape_unix_v3.5 : Chapter 13, pages 1-7]. 

Thus, it would have been obvious to one person of ordinary skill in the art at the time the 
invention was made to combine the method of Subramaniam, Barton, and Bazot by including the 
teaching of Netscape_unix_v3.5 because it would improve warning techniques for managing 
secure warning communications by triggering appropriate action such as sending of a warning 
webpage to client or an issue of an alert message to a network administrator [Barton: par. 
[0033]]. 



As per claim 18: 

The combination of Subramaniam, Barton, and Bazot teach the subject matter as 
described above. 
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Subramaniam further discloses the secure communications management system of claim 
16 wherein the proxy selectively modifies a number of the insecure communications 
[Subramaniam : Col. 3, lines 34-51; Col. 3, line 66 to Col. 4, line 8]. 

Subramaniam, Barton, and Bazot do not explicitly disclose to suppress normally 
occurring security warning messages that the secure communications manager issues. 

However, Netscape_unix_v3.5 discloses to suppress normally occurring security warning 
messages that the secure communications manager issues [Netscape_unix_v3.5 : Chapter 13, 
page 1; A proxy will issue a fatal error (i.e. catastrophe) if an outside agent causes cache 
files to become corrupt]. 

Thus, it would have been obvious to one person of ordinary skill in the art at the time the 
invention was made to combine the method of Subramaniam, Barton, and Bazot by including the 
teaching of Netscape_unix_v3.5 because it would improve warning techniques for managing 
secure warning communications by triggering appropriate action such as sending of a warning 
webpage to client or an issue of an alert message to a network administrator [Barton: par. 
[0033]]. 

As per claim 19: 

The combination of Subramaniam, Barton, and Bazot teach the subject matter as 
described above. 

Subramaniam further discloses the secure communications management system of claim 
16 wherein the proxy selectively leaves a number of the insecure communications unchanged 
[Subramaniam: Col. 2, lines 36-41]. 
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Subramaniam, Barton, and Bazot do not explicitly disclose to issue security warning 
messages to the external client. 

However, Netscape_unix_v3.5 discloses a proxy sending security warning messages to 
the external client [Netscape_unix_v3.5 : Chapter 10, pages 1-3; Chapter 13, page 1; A 
proxy server can be configured a custom message, which sends to an external client. A 
customized text message can be security warning messages]. 

Thus, it would have been obvious to one person of ordinary skill in the art at the time the 
invention was made to combine the method of Subramaniam, Barton, and Bazot by including the 
teaching of Netscape_unix_v3.5 because it would improve warning techniques for managing 
secure warning communications by triggering appropriate action such as sending of a warning 
webpage to client or an issue of an alert message to a network administrator [Barton: par. 
[0033]]. 

As per claim 20: 

The combination of Subramaniam, Barton, and Bazot teach the subject matter as 
described above. 

Subramaniam, Barton, and Bazot do not explicitly disclose a proxy which selectively 
denies a number of the insecure communications to proceed and at performs at least one of 
reports the denial to another entity and records the denial in a log. 

However, Netscape_unix_v3.5 discloses a proxy which selectively denies a number of 
the insecure communications to proceed and at performs at least one of reports the denial to 
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another entity and records the denial in a log [Netscape_unix_v3.5 : Chapter 13, page 1; A 
proxy will issue a fatal error (i.e. catastrophe) if an outside agent causes cache files to 
become corrupt; Proxy error log messages include Catastrophe error, Failure, information 
log entry, warning flags, and security warning]. 

Thus, it would have been obvious to one person of ordinary skill in the art at the time the 
invention was made to combine the method of Subramaniam, Barton, and Bazot by including the 
teaching of Netscape_unix_v3.5 because it would improve warning techniques for managing 
secure warning communications by triggering appropriate action such as sending of a warning 
webpage to client or an issue of an alert message to a network administrator [Barton: par. 
[0033]]. 

As per claim 21: 

The combination of Subramaniam, Barton, and Bazot teach the subject matter as 
described above. 

Subramaniam, Barton, and Bazot do not disclose a proxy selectively sending custom 
warning messages or explanations to the external client regarding a number of the insecure 
communications. 

However, Netscape_unix_v3.5 discloses a proxy which selectively issues custom 
warning messages or explanations to the external client regarding a number of the insecure 
communications [Netscape_unix_v3.5: Chapter 10, pages 1-3; Chapter 13, page 1; A proxy 
server can be configured a custom message, which sends to an external client. A 
customized text message can be security warning messages]. 
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Thus, it would have been obvious to one person of ordinary skill in the art at the time the 
invention was made to combine the method of Subramaniam, Barton, and Bazot by including the 
teaching of Netscape_unix_v3.5 because it would improve warning techniques for managing 
secure warning communications by triggering appropriate action such as sending of a warning 
webpage to client or an issue of an alert message to a network administrator [Barton: par. 
[0033]]. 



Conclusion 

The examiner requests, in response to this Office action, support be shown for language 
added to any original claims on amendment and any new claims. That is, indicate support for 
newly added claim language by specifically pointing to page(s) and line number(s) in the 
specification and/or drawing figure(s). This will assist the examiner in prosecuting the 
application. Failure to show support can result in a non-compliant response. 

When responding to this office action, Applicant is advised that if Applicant traverses an 
obviousness rejection under 35 U.S.C. 103, a reasoned statement must be included explaining 
why the Applicant believes the Office has erred substantively as to the factual findings or the 
conclusion of obviousness See 37 CFR 1.111(b). 

Additionally Applicant is further advised to clearly point out the patentable novelty which he or 
she thinks the claims present, in view of the state of the art disclosed by the references cited or 
the objections made. He or she must also show how the amendments avoid such references or 
objections See 37 CFR 1 . 1 1 1(c). 
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Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Canh Le whose telephone number is 571-270-1380. The 
examiner can normally be reached on Monday to Friday 7:30AM to 5:00PM other Friday off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Orgad Edan can be reached on 571-272-7884. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Christian LaForgia/ 

Primary Examiner, Art Unit 2439 

/Canh Le/ 

Examiner, Art Unit 2439 
May 12, 2009 



